Recently in Ukraine was stopped, the largest attack of the virus Petya.A was stopped. However, experts warn that an attack of this virus can be repeated. One of the negative effects that the encrypted data cannot be recovered. As told “Today,” a representative of the service data storage FEX.net Anton Semchishin, if the computer under attack, that the average user can do with encrypted files.
According to experts, the cyber-police of Ukraine, the chance to recover the information there are two cases. First – if your computer is infected, partially encrypted, the system will start the encryption process, but external factors have stopped the encryption process, for example, there was a power outage. Second – if your computer is infected, but the encryption process the MFT has not yet started (a failure of the virus response anti-virus software on the virus, etc.). In such cases, there is chance to recover the information that is on the computer (with the detailed recommendations of the cyberpolice can see the link).
- See also: Ukraine under attack by hackers: how to protect yourself from the virus
The way that will help in case if your computer is infected and encrypted, and the user sees the message with the requirement to transfer money to cyber criminals in exchange for the decryption key, is not yet defined.
Today to protect information can help care when using the Internet and the latest antivirus software. In addition, keep the important information will help the backup, tells Semchishin.
Technology cloud storage is considered to be more reliable. A physical drive may be lost or broken. In addition, the external media may themselves be vectors of viruses
“Backup data may be stored on solid media (USB drive, SD card, HDD) or in the cloud. Technology cloud storage is considered to be more reliable. A physical drive may be lost or broken. In addition, the external media may themselves be vectors of viruses. When you download normal files USB flash drive does not check them for the presence of “dormant” viruses. Drive due to virus can fail and data will be lost”, – said the expert.
Other ways to solve this problem yet, says Semchishin. If your computer is under attack, it needs to be off and to carry in service center and then restore from the backup.
- Read also: Experts tell how to cheat Petya virus and avoid infection
In addition, experts recommend not to pay extortionists. As shown by the case of virus Petya.A, users who have paid the required amount, never received any keys to decrypt the data.
- See also: Losses from virus attacks Petya.A in the world to reach 8 billion U.S. dollars
Recall, 27 June, Ukraine was the largest hacker attack. Virus Petya.A, which has encrypted all the data on the computer and demanded ransom, was struck by a network of several organizations, including the state. The cyber attacks began almost simultaneously at about 11:30, the virus has spread very quickly. According to the company ESET, which develops software to combat harmful computer programs, the Ukraine had most of the virus attacks Petya – 75,24% of the total.
A carrier of the virus was a program for reporting and workflow M.E.Doc. Moreover, Petya quickly spread due to the “capture” computer networking – virus was enough to take over one computer in the internal network in order to eventually quickly spread to all of the PC connection.
According to the founder of the antivirus company by cyphort (USA) Nicholas Belogorsky, hackers disguised the virus Petya under “extortion”, although in fact his direct goal was to spoil the system, to interfere with the infrastructure and destroy the data. According to him, the virus was launched specifically for Ukraine.
“It (the virus Petya – ed.) is very different from the previous ones, and it seems that was written specifically for Ukraine. The previous attack was financial, it was a virus-extortionist WannaCry, which was distributed worldwide, encrypted files and demanded a ransom. Petya virus erases data it is not possible to return people to the data, even if they pay. It is spread through the accounting system M.E.Doc that is used only in Ukraine and it is required to use for tax reporting. This is a very technically adapted to the Ukraine virus, and it seems that the attack from the state,” said Belogorsk.
According to the head of the laboratory of computer forensics CyberLab Sergei Prokopenko, the incident can be qualified as a cyber-terrorist attack, because during the attack of virus was observed the massive destruction of infrastructure.
